Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/5sOMkzPsuVMQKz6L0JPCmtz5guI.roa
File: 5sOMkzPsuVMQKz6L0JPCmtz5guI.roa (raw, json)
Hash identifier: SizDucCi2H99O2tNCfTJwKAeCS7rHh39g/r5PY/1ZR0=
Subject key identifier: E6:C3:8C:93:33:EC:B9:53:10:2B:3E:8B:D0:93:C2:9A:DC:F9:82:E2
Certificate issuer: /CN=b9e2dc2340c5309b63eba23cfbe7eed11b74af47
Certificate serial: 97F819
Authority key identifier: B9:E2:DC:23:40:C5:30:9B:63:EB:A2:3C:FB:E7:EE:D1:1B:74:AF:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueLcI0DFMJtj66I8--fu0Rt0r0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/5sOMkzPsuVMQKz6L0JPCmtz5guI.roa
Signing time: Sat 01 Jan 2022 00:51:28 +0000
ROA not before: Sat 01 Jan 2022 00:51:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21454
IP address blocks: 80.252.224.0/20 maxlen: 24
185.173.237.0/24 maxlen: 24
185.173.236.0/22 maxlen: 24
188.214.198.0/24 maxlen: 24
2a10:5340::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9959449 (0x97f819)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e2dc2340c5309b63eba23cfbe7eed11b74af47
Validity
Not Before: Jan 1 00:51:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6c38c9333ecb953102b3e8bd093c29adcf982e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:89:45:95:94:64:a3:44:f6:a4:97:0f:f0:d4:
2c:c3:9a:a8:93:0f:28:b4:09:ac:ae:ff:e4:76:8c:
6f:46:ac:de:c5:c4:d0:a7:b5:70:66:98:96:92:5e:
c3:30:2a:4e:42:e3:fd:3a:2a:7b:85:21:51:c7:f5:
e8:f4:e6:bd:11:c4:85:1e:d4:93:a3:4a:1d:f6:44:
c0:de:68:e2:ca:2f:f5:e4:ef:3c:d6:49:f5:0f:27:
d5:4b:e1:5d:f9:bd:5b:a6:27:6d:6a:26:69:45:27:
8f:91:da:03:22:5d:30:3b:cd:9a:ca:97:a4:87:87:
3e:d8:de:26:ff:ac:08:ef:65:89:8d:37:38:ab:bc:
98:53:56:72:dd:7c:c6:57:4c:30:9c:f6:83:fc:4f:
98:c8:7b:af:9a:24:61:0c:0c:3f:ec:d9:e8:56:ab:
e5:c1:5c:f4:17:88:d6:2a:8f:d9:29:70:c9:05:56:
8f:09:3a:ed:8c:38:da:27:2d:a5:bd:c4:98:9c:73:
16:0d:6a:cf:f0:ec:3f:f0:7a:81:ee:c5:f6:94:66:
6c:3b:5a:9f:73:5e:4f:94:95:bd:a1:6c:d4:a0:49:
16:cf:20:f3:b1:34:78:cd:50:a1:06:ec:37:07:6f:
ec:7d:aa:a6:51:65:94:73:51:5c:cc:a0:e9:cd:6c:
ad:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C3:8C:93:33:EC:B9:53:10:2B:3E:8B:D0:93:C2:9A:DC:F9:82:E2
X509v3 Authority Key Identifier:
keyid:B9:E2:DC:23:40:C5:30:9B:63:EB:A2:3C:FB:E7:EE:D1:1B:74:AF:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueLcI0DFMJtj66I8--fu0Rt0r0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/5sOMkzPsuVMQKz6L0JPCmtz5guI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/ueLcI0DFMJtj66I8--fu0Rt0r0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.224.0/20
185.173.236.0/22
188.214.198.0/24
IPv6:
2a10:5340::/29
Signature Algorithm: sha256WithRSAEncryption
af:7f:f5:36:11:f3:d5:50:30:2b:50:b4:8b:be:9a:52:1d:b6:
ce:57:e0:8e:e8:9e:ba:f6:e4:83:34:8f:d3:1f:b9:a4:3d:cb:
2e:07:20:ce:90:89:05:1f:92:b7:98:f2:7a:fe:9c:be:74:7c:
5d:8a:66:9f:59:af:c4:3c:8e:0d:a4:5e:1a:4d:bd:c8:46:24:
9f:16:d9:e0:ed:c0:5d:91:ae:aa:14:12:d0:0b:dc:94:87:ae:
55:51:75:3f:85:4b:4f:f0:31:f6:2e:c5:30:d2:68:62:db:31:
ce:7e:e1:ae:88:63:f3:a6:1c:15:c3:47:5d:f8:a0:49:0a:4e:
29:5e:83:49:79:06:fe:98:d9:ef:cb:2f:b3:26:1e:c7:34:e3:
ac:70:2e:b2:50:e4:78:ae:d7:15:85:fb:de:11:b2:c3:57:bf:
1d:2a:93:f6:5e:8b:1c:d8:da:d8:42:e9:72:25:47:cf:43:6e:
ec:13:d1:05:ec:0d:0a:a6:cc:9e:f0:ab:db:33:04:be:9c:aa:
fb:9c:5b:c2:15:b3:16:31:b7:67:9d:14:06:7d:ed:ec:0b:6f:
5a:af:59:ae:77:bf:1c:4c:9e:b6:20:54:fb:61:41:3c:b9:7f:
ad:e4:f5:39:97:cf:9f:5b:9f:eb:ed:9e:bd:9f:67:51:da:ce:
15:cb:18:38
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEAJf4GTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWUyZGMyMzQwYzUzMDliNjNlYmEyM2NmYmU3ZWVkMTFiNzRhZjQ3MB4XDTIyMDEw
MTAwNTEyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTZjMzhjOTMzM2Vj
Yjk1MzEwMmIzZThiZDA5M2MyOWFkY2Y5ODJlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWJRZWUZKNE9qSXD/DULMOaqJMPKLQJrK7/5HaMb0as3sXE
0Ke1cGaYlpJewzAqTkLj/Toqe4UhUcf16PTmvRHEhR7Uk6NKHfZEwN5o4sov9eTv
PNZJ9Q8n1UvhXfm9W6YnbWomaUUnj5HaAyJdMDvNmsqXpIeHPtjeJv+sCO9liY03
OKu8mFNWct18xldMMJz2g/xPmMh7r5okYQwMP+zZ6Far5cFc9BeI1iqP2SlwyQVW
jwk67Yw42ictpb3EmJxzFg1qz/DsP/B6ge7F9pRmbDtan3NeT5SVvaFs1KBJFs8g
87E0eM1QoQbsNwdv7H2qplFllHNRXMyg6c1srW8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTmw4yTM+y5UxArPovQk8Ka3PmC4jAfBgNVHSMEGDAWgBS54twjQMUwm2Pr
ojz75+7RG3SvRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VlTGNJMERGTUp0ajY2STgtLWZ1MFJ0MHIwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvNmY5OWQyLWFkMDUtNGNmYy05YTVlLTljYmVkY2VjODZkNi8x
LzVzT01relBzdVZNUUt6NkwwSlBDbXR6NWd1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
NmY5OWQyLWFkMDUtNGNmYy05YTVlLTljYmVkY2VjODZkNi8xL3VlTGNJMERGTUp0
ajY2STgtLWZ1MFJ0MHIwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBFD84AMEArmt7AMEALzWxjANBAIA
AjAHAwUDKhBTQDANBgkqhkiG9w0BAQsFAAOCAQEAr3/1NhHz1VAwK1C0i76aUh22
zlfgjuieuvbkgzSP0x+5pD3LLgcgzpCJBR+St5jyev6cvnR8XYpmn1mvxDyODaRe
Gk29yEYknxbZ4O3AXZGuqhQS0AvclIeuVVF1P4VLT/Ax9i7FMNJoYtsxzn7hrohj
86YcFcNHXfigSQpOKV6DSXkG/pjZ78svsyYexzTjrHAuslDkeK7XFYX73hGyw1e/
HSqT9l6LHNja2ELpciVHz0Nu7BPRBewNCqbMnvCr2zMEvpyq+5xbwhWzFjG3Z50U
Bn3t7AtvWq9Zrne/HEyetiBU+2FBPLl/reT1OZfPn1uf6+2evZ9nUdrOFcsYOA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:07 2023 by rpki-client on console-fra.rpki-client.org